<?php
function usernameExists($username)
{
	global $db,$db_table_prefix;

 	if(returns_result("SELECT active FROM ".$db_table_prefix."users WHERE username_clean = '".$db->sql_escape(sanitize($username))."' LIMIT 1") > 0)
		return true;
	else
		return false;
}

function emailExists($email)
{
	global $db,$db_table_prefix;

	if(returns_result("SELECT active FROM ".$db_table_prefix."users WHERE Email = '".$db->sql_escape(sanitize($email))."' LIMIT 1") > 0)
		return true;
	else
		return false;	
}

//Function lostpass var if set will check for an active account.
function validateActivationToken($token,$lostpass=NULL)
{
	global $db,$db_table_prefix;
	
	if($lostpass == NULL) $sql = "SELECT activation_token FROM ".$db_table_prefix."users WHERE active = 0 AND activation_token ='".$db->sql_escape(trim($token))."' LIMIT 1";
	else 			      $sql = "SELECT activation_token FROM ".$db_table_prefix."users WHERE active = 1 AND activation_token ='".$db->sql_escape(trim($token))."' AND lost_password_pequest = 1 LIMIT 1";
	
	if(returns_result($sql) > 0)
		return true;
	else
		return false;
}


function setUserActive($token)
{
	global $db,$db_table_prefix;
	
	$sql = "UPDATE ".$db_table_prefix."users SET active = 1 WHERE activation_token ='".$db->sql_escape(trim($token))."' LIMIT 1";
	
	$db->sql_query($sql);

	if($db->sql_affectedrows() <= 0) return false; else return true;
	
}

//You can use a activation token to also get user details here
function fetchUserDetails($username=NULL,$token=NULL)
{
	global $db,$db_table_prefix; 
	
	if($username!=NULL)  $sql = "SELECT * FROM ".$db_table_prefix."users WHERE username_clean = '".$db->sql_escape(sanitize($username))."' LIMIT 1";
	else				 $sql = "SELECT * FROM ".$db_table_prefix."users WHERE activation_token = '".$db->sql_escape(sanitize($token))."' LIMIT 1";
	
	$result = $db->sql_query($sql);
	$row = $db->sql_fetchrow($result);
	$db->sql_freeresult($result);

	return ($row);
}

function flagLostPasswordRequest($username,$value)
{
	global $db,$db_table_prefix;
	
	$sql = "UPDATE ".$db_table_prefix."users SET lost_password_request = '".$value."' WHERE username_clean ='".$db->sql_escape(sanitize($username))."' LIMIT 1";
	
	$db->sql_query($sql);

	if($db->sql_affectedrows() <= 0) return false; else return true;
}

function updatePasswordFromToken($pass,$token)
{
	global $db,$db_table_prefix;
	
	$new_activation_token = generateActivationToken();
	
	$sql = "UPDATE ".$db_table_prefix."users SET password = '".$db->sql_escape($pass)."', activation_token = '".$new_activation_token."' WHERE activation_token = '".$db->sql_escape(sanitize($token))."'";
	
	$db->sql_query($sql);
	
	if($db->sql_affectedrows() <= 0) return false; else return true;
}

function emailUsernameLinked($email,$username)
{
	global $db,$db_table_prefix;
	
	if(returns_result("SELECT username, email FROM ".$db_table_prefix."users WHERE username_clean = '".$db->sql_escape(sanitize($username))."' AND email = '".$db->sql_escape(sanitize($email))."'") > 0)
		return true;
	else
		return false;
}


function isUserLoggedIn()
{
	global $loggedInUser,$db,$db_table_prefix;
	
	if($loggedInUser == NULL)
		return false;
	else
	{
		//Query the database to ensure they haven't been removed or possibly banned?
	if(returns_result("SELECT user_id,password FROM ".$db_table_prefix."users WHERE user_id = '".(int)$db->sql_escape($loggedInUser->user_id)."' AND password = '".$db->sql_escape($loggedInUser->hash_pw)."' AND Active = 1 LIMIT 1") > 0)
			return true;
		else
		{
			//No result returned kill the user session, user banned or deleted
			$loggedInUser->userLogOut();
		
			return false;
		}
	}
}

//This function should be used like num_rows, since the PHPBB Dbal doesn't support num rows we create a workaround
function returns_result($sql)
{
	global $db;
	
	$count = 0;
 	$result = $db->sql_query($sql);
	
  	while ($row = $db->sql_fetchrow($result))
    {
      $count += 1;
    }
	$db->sql_freeresult($result);
	return ($count);
}

//Generate an activation key 
function generateActivationToken()
{
	$gen;

	do
	{
		$gen = md5(uniqid(mt_rand(), false));
	}
	while(validateActivationToken($gen));

	return $gen;
}

function updateLastActivationRequest($new_activation_token,$username,$email)
{
	global $db,$db_table_prefix; 
	
	$sql = "UPDATE ".$db_table_prefix."users SET activation_token = '".$new_activation_token."', last_activation_request = '".time()."' WHERE email = '".$db->sql_escape(sanitize($email))."' AND username_clean = '".$db->sql_escape(sanitize($username))."'";
	
	$db->sql_query($sql);

	if($db->sql_affectedrows() <= 0) return false; else return true;
}


?>